The exploit that writes its own story.

CISA warns CopyFail is under active exploitation. Attackers compromise installers for a widely used disk imaging utility. MuddyWater masks cyberespionage as ransomware. Attackers spread malware through a fake OpenClaw plugin. Researchers ID a new Linux RAT. Vimeo blames a third party provider for a recent breach. Palo Alto’s Captive Portal is under attack. The FTC settles with a data broker over location sharing. A former Conti gang member gets jail time. Our guest is Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI. Geotargeting turns creepy.

Remember to leave us a 5-star rating and review in your favorite podcast app.

Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Today we are joined by Dov Yoran, CEO of Command Zero, discussing how cybersecurity teams are fighting AI with AI.

Selected Reading

Attackers are cashing in on fresh 'CopyFail' Linux flaw (The Register)

Hackers compromise Daemon Tools in global supply-chain attack, researchers say (The Record)

Iranian APT Intrusion Masquerades as Chaos Ransomware Attack (SecurityWeek)

Malicious OpenClaw Skill Targets DeepSeek Agentic AI Workflows (Cyber Press)

Sophisticated Quasar Linux RAT Targets Software Developers (SecurityWeek)

ShinyHunters claims dump puts 119K Vimeo emails in the wild (The Register)

Palo Alto Networks warns of firewall RCE zero-day exploited in attacks (Bleeping Computer)

FTC bans data broker Kochava from selling sensitive location info (The Record)

Conti, Akira Affiliate Sentenced to 102 Months in Prison for Ransomware and Extortion Operations Targeting over 50 Organizations (TechNadu)

A college student is suing a dating app that allegedly used her TikTok videos to target men in her dormitory (CyberScoop)

Share your feedback.

What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show.

Want to hear your company in the show?

N2K CyberWire helps you reach the industry’s most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices